Allwinner’s ARM Linux kernel includes “rootmydevice” code that gives apps root.
Allwinner, a Chinese system-on-a-chip company that makes the processor used in many low-cost Android tablets, set-top boxes, ARM-based PCs, and other devices, apparently shipped a version of its Linux kernel with a ridiculously easy-to-use backdoor built in. All any code needs to do to gain root access is send the text “rootmydevice” to an undocumented debugging process.
The backdoor code may have inadvertently been left in the kernel after developers completed debugging. But the company has been less than transparent about it: information about the backdoor was released and then apparently deleted through Allwinner’s own Github account. The kernel, linux-3.4-sunxi, which was originally developed to support Android on Allwinner’s ARM processors for tablets, has also been used to develop a community version. The kernel was also the basis for porting over various versions of Linux to Allwinner’s processors, which are used in the Orange Pi and Banana Pi micro-PCs (developer boards compatible with Raspberry Pi) along with a number of other devices.
The way Allwinner has distributed its Linux kernel has been frustrating to many developers. The company has not encouraged or participated in community development and has been accused of numerous violations of the GPL license for the Linux kernel. The kernel “drops” by Allwinner include a number of binaries that are essentially closed source, as well as code released under other licenses—largely to support the graphics engines of its processors.